package com.xiaomaoguai.cloud.auth;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * @author August.Zhang
 * @version v1.0.0
 * @date 2020/1/20 11:25
 * @since JDK 1.8
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {

	/**
	 * 配置
	 *
	 * @param auth 身份验证
	 * @throws Exception 异常
	 */
	@Override
	protected void configure(final AuthenticationManagerBuilder auth) throws Exception {

		auth.inMemoryAuthentication()
				.passwordEncoder(new BCryptPasswordEncoder())
				.withUser("admin")
				.password(new BCryptPasswordEncoder().encode("123456"))
				.roles("USER");
	}

	/**
	 * 配置
	 *
	 * @param http http
	 * @throws Exception 异常
	 */
	@Override
	protected void configure(final HttpSecurity http) throws Exception {

		http.httpBasic()
				.and()
				.authorizeRequests()
				.anyRequest()
				.fullyAuthenticated();
		http.sessionManagement()
				.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
	}

}
